Wednesday, September 10, 2025

Cisco Introduces AI-Powered Splunk Tools to Enhance SOC Security Efficiency

Cisco has unveiled two new editions of its Splunk Enterprise Security solution—Essentials and Premier—to enhance security operations with agentic artificial intelligence (AI). Launched with Splunk Enterprise Security 8.2, these editions aim to simplify security operations centre (SOC) tasks, unifying threat detection and response while minimizing complexity.

The solutions leverage AI for routine analysis, facilitating automated workflows and proactive security actions. Mike Horn from Splunk highlights the importance of integrating AI to counter sophisticated adversary tactics.

The Premier Edition combines several features, including Splunk SOAR and User and Entity Behaviour Analytics (UEBA), while the Essentials version focuses on core functionalities.

New AI advancements include the Triage Agent for alert prioritization and the Malware Reversal Agent for malicious script analysis. Integration with Cisco’s infrastructure boosts SOC efficiency, providing easier access to critical logs. Both editions enhance proactive security measures, with global availability for Essentials and early access for Premier.
